<?php
include('config.php');

// 获得文件扩展名
function getextension($filename) {
	$pathinfo = pathinfo($filename);
	return $pathinfo['extension'];
}

$school =	str_replace(array('"',"'",'/','|',',','(',')','\\'), '', trim($_POST['school']));
$team =		str_replace(array('"',"'",'/','|',',','(',')','\\'), '', trim($_POST['team']));
$master =	str_replace(array('"',"'",'/','|',',','(',')','\\'), '', trim($_POST['teammaster']));
$pro = 		str_replace(array('"',"'",'/','|',',','(',')','\\'), '', trim($_POST['project']));
$level = 	str_replace(array('"',"'",'/','|',',','(',')','\\'), '', trim($_POST['level']));
$arrange = 	str_replace(array('"',"'",'/','|',',','(',')','\\'), '', trim($_POST['arrange']));

$uploaddir = '/home/content/domains/content.org.cn/public_html/summerpractise/uploads/date_'.date('m').'_'.date('d').'/';
$uploadfile = $uploaddir. $_FILES['userfile']['name'];

$fnamehash = md5(uniqid(microtime()));

if(!is_dir($uploaddir)) {
	mkdir($uploaddir, 0777);
	@chmod($uploaddir, 0777);
	fclose(fopen($uploaddir.'index.htm', 'w'));
}
$attach = array();
foreach ($_FILES['userfile'] as $key => $var ) {
	$attach[$key] = $var;
}
$attach['ext'] = getextension($attach['name']);
if ($attach['size'] < 5242880) {
	if ($attach['ext'] == 'doc') {
		if (empty($_COOKIE['LimTime']) || $_COOKIE['LimTime'] != $master)
		{
			if (move_uploaded_file($attach['tmp_name'], $uploaddir . $fnamehash .'.'. $attach['ext'])) {
				//写入数据库
				$rs = mysql_query("INSERT INTO summerpractise (id,school,team,master,project,level,arrange,attach) VALUES ('' , '".$school."' , '".$team."', '".$master."', '".$pro."', '".$level."', '".$arrange."', 'date_".date('m')."_".date('d')."/".$fnamehash.".".$attach['ext']."')");
				setcookie("LimTime",$master,time()+900,"/");
				if($rs) {
					$message = '上传成功，谢谢关注康腾实践中心';
				} else {
					$message = '上传出现错误，请后退重试。<br />如果多次无法成功上传，请联系<a href="mailto:huangjin@content.org.cn" >huangjin@content.org.cn</a>';
				}
			} else {
				$message = '上传出现错误，请后退重试。<br />如果多次无法成功上传，请联系<a href="mailto:huangjin@content.org.cn" >huangjin@content.org.cn</a>';
			}
		}
		else $message = '请不要频繁上传文档。';
	}
	else $message = '对不起，只能上传Word2003格式的文档.';
} else {
	$message = '对不起，您上传的Word2003文档过大，本次上传文档并非评奖所用，请删除掉文档内的图片后，再次上传。';
}
include('templates/message.php');
?>